This red flag involves altering a sender's address or URL to trick users. Ex: goog!e.com
What is Spoofing?
These tools help users manage and store multiple complex passwords.
What are password managers?
This application filters traffic between a private network and the internet.
What is a firewall?
Risk presented to organizations by current or past employees who have knowledge of how the organization works and what and where the most valuable information is stored.
What is insider threat?
This type of cybersecurity test simulates an attack to evaluate the defenses of a system.
What is penetration testing?
This red flag includes attachments with unfamiliar names or unexpected file types like .exe or .zip.
What is malware distribution (also accepted: phishing attempt, malicious email)
This security measure requires users to use two or more ways to prove they are who they say they are.
What is multi-factor authentication?
This protocol is used to securely browse websites (hint: think padlock icon).
What is HTTPS?
Cyberattacks or cyber espionage carried out by, or on behalf of, a government or state entity to advance national interests, often involving highly sophisticated tactics and resources.
What is state-sponsored hijacking? (Also accepted: nation states)
This method encrypts data using the same key for both encryption and decryption.
What is symmetric encryption?
As you were working at a coffee shop, you noticed the person next to you watching as you typed in login details like usernames and passwords. This is known as?
Shoulder surfing (DOA)
This form of authentication relies on something you are, like your fingerprint or face.
What is biometric authentication?
What is SSH?
An attacker that maintains long-term access to a target system without being detected, often using zero-days and custom malware.
What is an Advanced Persistent Threat (APT)?
This vulnerability occurs when an application includes untrusted data in a dynamic query without proper validation, allowing attackers to manipulate backend logic.
What is an injection attack (SQL injection)?
You work in the IT department and notice a user accessing data unrelated to their job and requesting higher privileges than they're assigned. This is a red flag for what kind of internal security risk?
Insider threat (also accepted answers: privilege escalation)
When you log in once and get access to multiple systems without re-authenticating.
What is Single Sign-On (SSO)?
What is a list that specifies which users or groups can access which resources, and what actions they are permitted to perform?
What are access control lists (ACLs)?
This technique, used by rootkits and nation-state malware, involves modifying the operating system to hide files and processes.
What is kernel-level hooking (or rootkit evasion)?
This term refers to the act of gaining unauthorized access to systems by exploiting software vulnerabilities before developers have a chance to patch them.
What is a zero-day exploit?
You work in the IT department and notice a user's account starts downloading massive amounts of data outside regular business hours. This is a red flag for what type of threat?
Data exfiltration
This authentication protocol is often used in enterprise environments and supports single sign-on.
What is Kerberos?
These tools detect and alert on malicious activity in real time on a network.
What are Intrusion Detection Systems (IDS)? (SIEMs also accepted?)
This technique allows attackers to bypass access control by crafting URLs that expose hidden files or functions.
What is Insecure Direct Object Reference (IDOR)?
This type of malware hides its presence by modifying low-level system functions and often operates at the kernel level.
What is a rootkit?